[ubuntu/hirsute-security] icu 67.1-6ubuntu2.1 (Accepted)

Rodrigo Figueiredo Zaiden rodrigo.zaiden at canonical.com
Wed Nov 24 16:52:24 UTC 2021

icu (67.1-6ubuntu2.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Double Free
    - debian/patches/CVE-2021-30535-prereq.patch: Fix invalid free when
      using long locale name in Locale functions in
    - debian/patches/CVE-2021-30535.patch: Fix edge cases with baseName
      in setKeywordValue function in source/common/locid.cpp to
      prevent double free and protect from heap corruption.
    - CVE-2021-30535
  * fix failing tests causing build-time failure: (LP: #1951432)
    - debian/patches/tzdata-2021b-tests.patch: Fix TestCalendar function
      in source/test/cintltst/ccaltst.c and TestGenericAPI in
      source/test/intltest/tztest.cpp to accept tz.version with longer
      string size to prevent tests from failing.
    - debian/patches/skip-tztests.patch: Skip specific Time Zones tests in
      TestAliasedNames and TestCanonicalID functions in
      source/test/intltest/tztest.cpp. They don't match with data from
      updated tzdata and needed to be skiped to prevent tests from failing.

Date: 2021-11-19 20:36:09.241754+00:00
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Hirsute-changes mailing list